1fa17f6996cc7efdabe3099d0543ec457cff4f54d246c089d6d7dd8e72eee1c9 | Triage

Analysis

max time kernel
114s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
10-05-2022 09:56

Sharing

Report Analysis Logs

General

Target

1028-75-0x0000000000400000-0x000000000042B000-memory.exe
Size

172KB
MD5

8e9ee5c521e6a210832af71bfbdba8a7
SHA1

da017d3ef9f16424612267c4b21c646f8a809740
SHA256

1fa17f6996cc7efdabe3099d0543ec457cff4f54d246c089d6d7dd8e72eee1c9
SHA512

986544dc4ca7766f9bfed0e49376ed62b789ad7075df0194639de9200b8641aecabbb965917a1d35cc5faff7a3f4d203431e88c9dedd57f6230a60a96a42786d

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes:

1028-75-0x0000000000400000-0x000000000042B000-memory.exe

pid process

4128 1028-75-0x0000000000400000-0x000000000042B000-memory.exe
4128 1028-75-0x0000000000400000-0x000000000042B000-memory.exe

C:\Users\Admin\AppData\Local\Temp\1028-75-0x0000000000400000-0x000000000042B000-memory.exe
"C:\Users\Admin\AppData\Local\Temp\1028-75-0x0000000000400000-0x000000000042B000-memory.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:4128

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4128-130-0x0000000001A50000-0x0000000001D9A000-memory.dmp

Filesize
3.3MB

Download